JPWO2016098191A1 - Tamper detection device, tamper detection system, tamper detection method and program - Google Patents

Abstract

The tampering detection device (10) has a character data receiving unit (11e) that receives character data representing a detection target, and a detection target character represented by the character data received by the character data receiving unit (11e) is set in advance. If the character change discriminating unit (11f) and the character change discriminating unit (11f) determine whether or not the character has been changed to a preset character, the character data has been altered. And a tampering detection unit (11g) for detecting that the character data has been tampered with when it is determined that the character has not been changed to a preset character. According to the falsification detection device (10), falsification of data can be easily detected, and a safer network service can be provided.

Description

  The present invention relates to an alteration detection device, an alteration detection system, an alteration detection method, and a program.

  A so-called Internet banking service is known that enables various transactions with banks using the Internet. In Internet banking, in order to ensure the safety of transactions with banks, user authentication is usually performed by a combination of a user ID and a password.

  As a technique for improving the security of user authentication, Patent Document 1 discloses an authentication system that can select a notification destination of a password (one-time password) that can be used only once in a client terminal from an email, a mobile phone, and a fixed phone. It is disclosed.

JP 2007-328381 A

  Man-in-the-browser (MITB), man-in-the-middle where the transfer destination entered in the client terminal is tampered inside the terminal or on the Internet, and the tampered data is sent to a bank server, etc. An attack called (MITM) is known. These attacks are increasing the damages of unauthorized money transfers from user accounts to unscrupulous accounts. If the bank transfer data is altered by Man in the Browser or Man in the Middle, the client's bank account (bank name, branch name, account number, etc.) It is displayed correctly. Therefore, it is difficult for the user to notice that the transfer destination data has been falsified. In addition, even if the bank server receives falsified bank transfer data, the bank account (vulnerable account) represented by the received bank transfer data actually exists and the transfer process itself is performed normally. Is called. For this reason, it is difficult for the bank to find out that the bank transfer data has been altered.

  The present invention has been made in view of such problems, and provides a falsification detection device, a falsification detection system, a falsification detection method, and a program that can easily detect data falsification and provide a more secure network service. The purpose is to do.

In order to achieve the above object, an alteration detection device according to the first aspect of the present invention provides:
Character data receiving means for receiving character data representing a detection target;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. Tamper detection means for detecting that the character data has been tampered with,
Is provided.

The tamper detection device
Character change table storage means for storing a character change table for changing the character to be detected;
In response to a request from the client terminal, the character change table stored in the character change table storage means is supplied to the client terminal, and the client terminal is caused to perform processing for changing the character to be detected by the character change table. And a character change table supply unit.

  The character change table supply means selects one telephone number from a list of a plurality of telephone numbers that are prepared in advance, and sets a character change table to be supplied to the client terminal based on the selected telephone number. And the encrypted character change table is supplied to the client terminal, the telephone number selected by the selected telephone number is transmitted to the user's mobile phone using the client terminal, and the telephone number displayed on the mobile phone is displayed. The client terminal may be made to perform a process of decrypting the encrypted character change table based on the above.

  The character change determining means determines that the character to be detected represented by the character data has been changed to the set character when belonging to the character changed by the character change table, and the character change If the character does not belong to the character changed by the table, it may be determined that the character has not been changed to the set character.

Furthermore, the falsification detection device
Causing the computer to function as a character changing unit that changes the character to be detected, and a character data transmitting unit that transmits character data representing the detection target after the character has been changed by the character changing unit to the tampering detection device. Applet storage means for storing applets;
Applet transmission means for transmitting the applet stored in the applet storage means to the client terminal according to a request from the client terminal and causing the client terminal to execute the applet may be further provided.

In addition, the falsification detection system according to the second aspect of the present invention is:
A falsification detection system comprising a client terminal and a falsification detection device that detects the presence or absence of falsification of data transmitted from the client terminal,
The client terminal is
A character changing means for changing a detection target character input in accordance with a user operation;
Character data transmission means for transmitting character data representing a detection target after the character has been changed by the character change means to the falsification detection device,
The tampering detection device includes:
Character data receiving means for receiving the character data from the client terminal;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. A tampering detection means for detecting that the character data has been tampered with.

The client terminal is
Further comprising character change table acquisition means for requesting the alteration detection device for a character change table for changing the character to be detected, and acquiring the character change table from the alteration detection device;
The tampering detection device includes:
Character change table storage means for storing the character change table;
In accordance with a request from the client terminal, the character change table stored in the character change table storage means is supplied to the client terminal, and processing for changing the character to be detected by the character change table is performed on the client terminal. And a character change table supply means.

The character change table supply means provided in the falsification detection device selects one phone number from a list of a plurality of phone numbers to be prepared in advance and supplies the selected character number to the client terminal. Is encrypted based on the selected telephone number, the encrypted character change table is supplied to the client terminal, and a telephone call is made to the user's mobile phone using the client terminal by the selected telephone number,
The character change table acquisition means provided in the client terminal may decrypt the encrypted character change table based on a telephone number displayed on the mobile phone as an incoming call.

The tampering detection device includes:
Applet storage means for storing an applet that causes the computer to function as the character change table acquisition means, the character change means, and the character data transmission means;
Applet transmission means for transmitting the applet stored in the applet storage means to the client terminal in accordance with a request from the client terminal;
The client terminal is
Applet receiving means for requesting the applet from the tamper detection device and receiving the applet from the tamper detection device;
Applet executing means for executing the applet received by the applet receiving means;
The character change table acquisition unit, the character change unit, and the character data transmission unit may function when the applet is executed by the applet execution unit.

In addition, the falsification detection method according to the third aspect of the present invention includes:
A character data receiving step in which the character data receiving unit receives character data representing a detection target; and
A character change determining unit that determines whether or not the character to be detected represented by the character data received by the character data receiving step has been changed to a preset character;
The tampering detection unit detects that the character data has not been tampered with when the character change determining step determines that the character has been changed to the set character, and has changed the character to the set character. A tampering detection step for detecting that the character data has been tampered with when it is determined that
Have

A program according to the fourth aspect of the present invention is:
Computer
Character data receiving means for receiving character data representing a detection target;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. A tamper detection means for detecting that the character data has been tampered with,
To function as.

  According to the present invention, falsification of data can be easily detected, and a safer network service can be provided.

It is the figure which showed the structure of the tampering detection system which concerns on embodiment of this invention. It is the block diagram which showed the structure of the tampering detection apparatus shown in FIG. It is the figure which showed the structure of the user information data shown in FIG. It is the figure which showed the structure of the character change table data shown in FIG. It is the figure which showed the structure of the character change table shown in FIG. It is the figure which showed the structure of the transmission number data shown in FIG. It is the figure which showed the structure of the transmission number authentication data shown in FIG. It is the figure which showed the structure of the transaction data shown in FIG. It is the block diagram which showed the structure of the client terminal shown in FIG. It is the block diagram which showed the structure of the mobile telephone shown in FIG. It is the flowchart which showed operation | movement of the tampering detection system in the scene where the authentication by user information is performed. It is the flowchart which showed operation | movement of the tampering detection system in the scene where the authentication by a telephone number is performed. It is the flowchart which showed the operation | movement of the alteration detection system in the scene where a character change table is supplied. It is the figure which showed the example of the transfer destination input screen displayed on a client terminal. It is the figure which showed the example of the incoming call number input screen displayed on a client terminal. It is the flowchart which showed operation | movement of the tampering detection system in the scene where tampering detection is performed about transfer destination data. It is the figure which showed the example of the tampering notification screen displayed on a client terminal. It is the flowchart which showed operation | movement of the tampering detection system when tampering is not detected about transfer destination data. It is the figure which showed the example of the transaction completion screen displayed on a client terminal.

  Hereinafter, a falsification detection device, a falsification detection system, a falsification detection method, and a program according to an embodiment of the present invention will be described in detail with reference to the drawings.

  The falsification detection system 1 according to this embodiment is used for a transfer (remittance) service for Internet banking. As shown in FIG. 1, the falsification detection system 1 includes a falsification detection device 10, a client terminal 20, and a mobile phone 30.

  The falsification detection device 10 is a bank server, and includes, for example, a PC (personal computer) server, a mainframe, and the like. The falsification detection device 10 receives the transfer destination data via the Internet 40, and detects whether the transfer destination data has been falsified.

  The transfer destination data includes information in which a character type input by the user, such as a bank name, a branch name, and an account number, is designated in advance. The bank name and branch name are specified by katakana, and the account number is specified by numbers. The tampering detection apparatus 10 sets any of such information as a detection target. In the present embodiment, it is assumed that the bank name is set as a detection target in the falsification detection device 10.

  Further, the falsification detection device 10 stores a table (character change table) for changing a detection target character input in accordance with a user operation. The falsification detection device 10 encrypts the character change table in accordance with a request from the client terminal 20 and supplies the encrypted character change table to the client terminal 20. The tampering detection apparatus 10 makes a call to the mobile phone 30 (makes a call) in order to decrypt the character change table in the client terminal 20.

  The mobile phone 30 is a phone owned by a user who uses the client terminal 20, and includes a smart phone or other mobile phone (feature phone (commonly called Garage)). The mobile phone 30 waits for an incoming call from the falsification detection device 10 via the telephone network 50. When there is an incoming call from the falsification detection device 10, the mobile phone 30 displays the telephone number of the falsification detection device 10 (displays the incoming call).

  The client terminal 20 is a terminal used by a user who uses an internet banking transfer service, and includes a PC (personal computer) or the like. The client terminal 20 inputs a payee's bank name, branch name, account number, etc., according to the user's operation, and generates payee data representing the payee's address. Further, the client terminal 20 requests the alteration detection device 10 for a character change table, and acquires the encrypted character change table from the alteration detection device 10. The client terminal 20 decrypts the encrypted character change table based on the telephone number of the falsification detection device 10 displayed on the mobile phone 30 as an incoming call.

  The client terminal 20 changes the character of the bank name to be detected included in the transfer destination data by using the decrypted character change table. For example, the bank name “IBISI” input in katakana according to the user's operation is changed to letters (characters other than katakana) such as letters, numbers, and symbols, such as “C @ 3 #”. The client terminal 20 transmits the transfer destination data including the detection target (bank name “C @ 3 #”) after the character is changed to the falsification detection device 10.

  The falsification detection device 10 receives the transfer destination data from the client terminal 20, and extracts the detection target character from the received transfer destination data. The tampering detection apparatus 10 determines whether or not the extracted detection target character has been changed to a preset character. The falsification detection device 10 performs this determination based on whether or not the extracted detection target character belongs to a character changed by the character change table supplied to the client terminal 20.

  Specifically, in the example described above, the bank name “C @ 3 #” is extracted as the character to be detected. “C @ 3 #” is any one of English letters, numbers, and symbols (not katakana), and all are characters changed by the character change table. In this case, the alteration detection device 10 determines that the character has been changed to a preset character. On the other hand, when the extracted character is “IVISI”, these characters are all katakana and do not belong to the characters changed by the character change table supplied to the client terminal 20. Therefore, in this case, the falsification detection device 10 determines that the character has not been changed to a preset character.

  The falsification detection device 10 detects that the transfer destination data has been falsified when it is determined that the character has not been changed to a preset character. In this case, the falsification detection device 10 does not execute the transfer process, and indicates that there is a risk of being attacked by man-in-the-browser or man-in-the-middle. Is notified to the client terminal 20.

  On the other hand, the falsification detection device 10 detects that the transfer destination data has not been falsified when it is determined that the character has been changed to a preset character. In this case, the falsification detection device 10 executes a transfer process based on the transfer destination data. The falsification detection device 10 connects to the other bank server 60 via the dedicated network 70 and executes the transfer process with the other bank server 60 when the bank account indicated by the bank transfer data is another bank. To do.

Next, the configuration of the tampering detection apparatus 10 will be described with reference to FIG.
The tampering detection apparatus 10 includes a control unit 11, a storage unit 12, an Internet communication unit 13, a telephone network communication unit 14, and a dedicated network communication unit 15.

  The Internet communication unit 13 includes a communication interface device such as a network adapter. The internet communication unit 13 communicates with each client terminal 20 via the internet 40.

  The telephone network communication unit 14 includes a communication interface device such as a telephone line connection device. The telephone network communication unit 14 makes a telephone call to each mobile phone 30 via the telephone network 50.

  The dedicated network communication unit 15 includes a communication interface device such as a network adapter. The dedicated network communication unit 15 communicates with the other server 60 via the dedicated network 70 under the control of the control unit 11 when the transfer destination represented by the transfer destination data is another bank.

  The storage unit 12 includes a storage device such as a hard disk drive (HDD), a read only memory (ROM), and a flash memory. The storage unit 12 stores various programs and data used by the control unit 11 to perform various processes, and various data generated or acquired by the control unit 11 performing various processes.

  The storage unit 12 characteristically stores a control program 12a, a transfer destination transmission applet 12b, user information data 12c, character change table data 12d, transmission number data 12e, transmission number authentication data 12f, and transaction data 12g. To do.

  The control program 12a is a program for executing processing to be described later in the falsification detection device 10. When the control unit 12 executes the control program 12a, the control unit 11 is changed to a user information authentication unit 11a, a telephone number authentication unit 11b, an applet transmission unit 11c, a character change table supply unit 11d, a character data reception unit 11e, a character It is made to function as the change determination part 11f and the alteration detection part 11g.

  The transfer destination transmission applet 12 b is a Java (registered trademark) applet executed on the client terminal 20. A Java applet has a powerful security mechanism called a sandbox, and a confirmation dialog with an electronic certificate is displayed when it is executed. Therefore, there is a low possibility that various data (transfer destination data, character change table, etc.) generated by the transfer destination transmission applet 12b during the execution of the transfer destination transmission applet 12b is leaked. When the transfer destination transmission applet 12b is executed in the client terminal 20, processing for changing the detection target character (bank name character) input to the client terminal 20 according to the user's operation, detection target after the character is changed A process of transmitting the transfer destination data including “” to the falsification detection device 10 is performed.

  The user information data 12c is data representing various types of registration information for each user who uses the Internet banking transfer service. As shown in FIG. 3, the user information data 12c includes a user ID, a name, a password, account information, a mobile phone number, and the like for each record (for each user).

  The user ID is information for uniquely identifying the user. The password is a combination of characters set by the user. The user ID and password are used for login authentication. The account information is information for identifying the user's bank account. The account information has a type and an account number. The mobile phone number is the phone number of the mobile phone 30 owned by the user.

  As shown in FIG. 4, the character change table data 12d has a plurality of different character change tables TB. Each character change table TB is identified by a table ID.

  In the character change table TB, as shown in FIG. 5, input characters and changed characters are associated with each other. The input characters have katakana characters (a, i,...) And character codes (katakana 01, katakana 02,...) That identify the characters. Changed characters are characters other than katakana (characters other than the type of input character) such as letters, numbers, symbols, etc. (C, @,...), And character codes (letters 03, symbols) 25, ...). The change character is associated with the input character in a one-to-one relationship. In addition, the changed characters are arranged in a disorderly manner without any relationship of appearance, name and concept with the input characters. With the character change table TB configured as described above, the character (“Ivy”) of the detection target (bank name) input according to the user's operation is the character corresponding to the character (here “C @ 3 #”). Changed to The character change table TB shown in FIG. 5 is a character change table TB02 having a table ID “TB02”, and the arrangement of changed characters is different from the other character change tables TB01, TB03, and TB04.

  As shown in FIG. 6, the transmission number data 12e has a list of a plurality of telephone numbers that can be used as a transmission source. The tampering detection apparatus 10 selects one telephone number from a list of a plurality of telephone numbers represented by the transmission number data 12e, and makes a telephone call to the mobile phone 30 using the selected telephone number.

  The transmission number authentication data 12f is data for performing authentication using the telephone number selected from the transmission number data 12e. As shown in FIG. 7, the transmission number authentication data 12f includes a user ID, a transmission number, a transmission date and time, and an authentication result.

  The user ID is information for uniquely identifying the user. The transmission number is a telephone number selected from the transmission number data 12e. The outgoing date and time represents the date and time when the telephone call was made. The call origination date and time is used to specify the elapsed time after the phone call. The authentication result represents an authentication result based on a transmission number (source telephone number).

  As the transaction data 12g, a new record is generated when authentication (login authentication) is normally performed using a transmission number (caller's telephone number). As shown in FIG. 8, the transaction data 12g includes a request ID, a mobile phone number, a table ID, a transmission number, a transfer destination, a falsification detection result, and the like for each record.

  The request ID is information for uniquely identifying a transfer request. The mobile phone number is the phone number of the mobile phone 30 owned by the user. The table ID is information for uniquely identifying the character change table TB supplied to the client terminal 20. The transmission number is a telephone number selected from the transmission number data 12e. The transfer destination is information represented by the received transfer destination data. Specifically, the transfer destination has a recipient's bank name, branch name, account type, account number, recipient's name, amount, and the like. The detection result indicates whether the transfer destination data has been tampered with.

  The control unit 11 includes a CPU (Central Processing Unit), a RAM (Random Access Memory) that functions as a main memory of the CPU, and the like. The control unit 11 controls the storage unit 12, the Internet communication unit 13, the telephone network communication unit 14, and the dedicated network communication unit 15, thereby controlling the entire falsification detection device 10.

  Further, the control unit 11 executes the control program 12 a stored in the storage unit 12. Thereby, the control unit 11 functions as a user information authentication unit 11a, a telephone number authentication unit 11b, an applet transmission unit 11c, a character change table supply unit 11d, a character data reception unit 11e, a character change determination unit 11f, and a falsification detection unit 11g. The processing described below is performed by each function.

  Next, the configuration of the client terminal 20 will be described with reference to FIG. The client terminal 20 includes a control unit 21, a storage unit 22, an Internet communication unit 23, an input unit 24, and a display unit 25.

  The Internet communication unit 23 includes a communication interface device such as a network adapter. The Internet communication unit 23 communicates with the tampering detection apparatus 10 via the Internet 40.

  The input unit 24 includes an input interface device that accepts various operations from the user. The input unit 24 supplies operation signals corresponding to the received various operations to the control unit 21. The input unit 24 displays an incoming call on the mobile phone 30 according to the user's operation, such as a user ID, a password, a transfer destination (recipient's bank name, branch name, account type, account number, recipient's name, amount, etc.). The telephone number of the alteration detection device 10 is input.

  The display unit 25 includes a display interface such as an LCD (Liquid Crystal Display) and an organic EL (Electro-Luminescence). The display unit 25 displays images corresponding to various image data supplied from the control unit 21 on the screen. For example, the display unit 25 includes a screen for inputting a user ID and a password, a screen for inputting a telephone number of the falsification detection device 10 displayed on the mobile phone 30, a screen for inputting a transfer destination (transfer destination input screen), and falsification. A screen (warning screen) for notifying that the transaction has been completed, a screen (transaction completion screen) for notifying that the transaction has been completed, and the like are displayed.

  The storage unit 22 includes a storage device such as an HDD, a ROM, or a flash memory. The storage unit 22 stores various programs and data used by the control unit 21 to perform various processes, and various data generated or acquired by the control unit 21 performing various processes.

  The control unit 21 includes a CPU, a RAM that functions as a main memory of the CPU, and the like. The control unit 21 controls the storage unit 22, the Internet communication unit 23, the input unit 24, and the display unit 25, thereby controlling the entire client terminal 20.

  In addition, the control unit 21 receives the transfer destination transmission applet 12b from the falsification detection device 10 and executes it. Thereby, the control part 21 functions as the character change table acquisition part 21a, the character change part 21b, the character data transmission part 21c, and the detection result acquisition part 21d, and the below-mentioned process is performed by each function.

  Next, the configuration of the mobile phone 30 will be described with reference to FIG. The mobile phone 30 includes a control unit 31, a storage unit 32, a telephone network communication unit 33, an input unit 34, and a display unit 35.

  The telephone network communication unit 33 includes a communication interface device such as a telephone line connection device. The telephone network communication unit 33 waits for an incoming call from the falsification detection device 10.

  The input unit 34 includes an input interface device that accepts various operations from the user. The input unit 34 supplies operation signals corresponding to the received various operations to the control unit 31. For example, the input unit 34 supplies the control unit 31 with an operation signal corresponding to a user operation that causes the display unit 35 to display the telephone number of the falsification detection device 10.

  The display unit 35 includes a display interface such as an LCD or an organic EL. The display unit 35 displays images corresponding to various image data supplied from the control unit 31 on the screen. For example, the display unit 35 displays that there is an incoming call from the falsification detection device 10 (one missed call), the telephone number of the falsification detection device 10, and the like.

  The storage unit 32 includes a storage device such as an HDD, a ROM, or a flash memory. The storage unit 32 stores various programs and data used for the control unit 31 to perform various processes, and various data generated or acquired by the control unit 31 performing various processes.

  The control unit 31 includes a CPU, a RAM that functions as a main memory of the CPU, and the like. The control unit 31 controls the storage unit 32, the telephone network communication unit 33, the input unit 34, and the display unit 35, thereby controlling the entire mobile phone 30.

The falsification detection system 1 configured as described above roughly performs the following processing.
(1) Processing for authenticating the user of the client terminal 20 (2) Processing for supplying the character change table TB to the client terminal 20 that has succeeded in the login authentication (3) The falsification detection device 10 detects whether the transfer destination data has been falsified processing

  Hereinafter, the operation of the falsification detection system 1 will be described. The tampering detection apparatus 10 reads and executes the control program 12a stored in the storage unit 12 after the power is turned on. Thus, during the activation of the falsification detection device 10, the control unit 11 performs the user information authentication unit 11a, the telephone number authentication unit 11b, the applet transmission unit 11c, the character change table supply unit 11d, the character data reception unit 11e, and the character change determination. It functions as the unit 11f and the falsification detection unit 11g.

  First, the process for authenticating the user of the client terminal 20 shown in (1) above will be described with reference to FIGS.

  When the user operates the input unit 24 and selects the item “login” displayed on the display unit 25 in a state where the bank top page screen is displayed on the display unit 25 of the client terminal 20, the control unit 21 makes a login request to the tampering detection apparatus 10 via the Internet communication unit 23 (step S201).

  When the user information authentication unit 11a of the tampering detection apparatus 10 receives a login request from the client terminal 20 (step S101), user information representing a screen (user information request screen) for requesting input of user information (user ID and password). Request screen data is transmitted to the client terminal 20 (step S102).

  When receiving the user information request screen data from the falsification detection device 10, the control unit 21 of the client terminal 20 displays the user information input request screen represented by the screen data on the display unit 25. The user performs an operation of inputting his / her user ID and password to each item displayed on the display unit 25 via the input unit 24. For example, the user inputs a user ID “U0003” and a password “***”. In addition, the user performs an operation of selecting (clicking or the like) the completion button displayed on the display unit 25 via the input unit 24. In accordance with the user operation, the control unit 21 transmits user information (user ID and password) to the tampering detection apparatus 10 (step S202).

  When receiving the user information from the client terminal 20 (step S103), the user information authenticating unit 11a of the tampering detection apparatus 10 performs an authentication process using the received user information (step S104).

  When the record having the received user information is not registered in the user information data 12c, the user information authentication unit 11a determines that the user information is not correct user information (step S105; NO). In this case, the user information authentication unit 11a transmits authentication error screen data representing a screen for notifying an authentication error (authentication error screen) to the client terminal 20 (step S106). Thereafter, the user information authenticating unit 11a returns to step S101 and enters a standby state until another login request is made.

  When receiving the authentication error screen data from the falsification detection device 10, the control unit 21 of the client terminal 20 displays an authentication error screen represented by the screen data on the display unit 25 (step S203). In this case, the control unit 21 of the client terminal 20 displays the bank top page screen (screen before the login process) on the display unit 25. That is, in this case, the client terminal 20 has failed to log in, and the user cannot use the Internet banking transfer service. In order to use the service, the user needs to make a login request again (return to step S201).

  On the other hand, the user information authenticating unit 11a of the tampering detection apparatus 10 determines that the user information is correct user information that matches the user information in the user information data 12c (step S105; YES). Here, information that matches the user information (user ID “U0003” and password “***”) received from the client terminal 20 is registered in the user information data 12c. Therefore, the user information authentication unit 11a determines that the user information is correct, and in this case, the process proceeds to step S107 illustrated in FIG.

  When the user information authentication unit 11a determines that the user information is correct (step S105; YES), the telephone number authentication unit 11b acquires the mobile phone number corresponding to the user information from the user information data 12c (step S107). . Here, the telephone number authentication unit 11b acquires the mobile phone number “090-3456-7890” corresponding to the user ID “U0003” and the password “***” from the user information data 12c.

  Further, the telephone number authenticating unit 11b selects one telephone number from a list of a plurality of telephone numbers represented by the transmission number data 12e (step S108). Then, the telephone number authentication unit 11b generates a new record in the transmission number authentication data 12f, and registers the user ID obtained in step S103 and the selected telephone number in the generated record. Here, the telephone number authenticating unit 11b selects the telephone number “03-3235-2222” from the transmission number data 12e, and the user ID “U0003” and the telephone number “03-” are added to the new record of the transmission number authentication data 12f. 3235-2222 ".

  The telephone number authenticating unit 11b makes a telephone call using the mobile phone number acquired in step S107 as the destination and the telephone number selected in step S108 as the source (step S109). Here, the telephone number authenticating unit 11b makes a telephone call using “090-3456-7890” as the destination and “03-3235-2222” as the source. Note that this processing is intended to notify the mobile phone 30 of the telephone number of the falsification detection device 10, and therefore, after a time of about one call has elapsed, the outgoing call is terminated (that is, one-off is performed). .

  In addition, the telephone number authenticating unit 11b registers the date and time when the call was made in the outgoing date and time included in the new record generated in the outgoing number authentication data 12f. For example, the telephone number authenticating unit 11b registers “2014/12/24 18:01” as the transmission date and time.

  When there is an incoming call from the falsification detection device 10 to the user's mobile phone 30, the control unit 31 of the mobile phone 30 displays the received phone number on the display unit 35 (step S301). Here, the mobile phone 30 displays the telephone number “03-3235-2222” on the display unit 35.

  Furthermore, the telephone number authenticating unit 11b of the falsification detecting device 10 transmits incoming number input screen data representing a screen (incoming number input screen) for requesting input of the telephone number displayed on the mobile phone 30 to the client terminal 20. (Step S110). Note that the user ID ("U0003" in this case) registered in the new record of the calling number authentication data 12f is added to the incoming number input screen data.

  When receiving the incoming call number input screen data from the falsification detection device 10, the control unit 21 of the client terminal 20 displays the incoming call number input screen represented by the screen data on the display unit 25 (step S204). The user performs an operation of inputting the telephone number of the tampering detection apparatus 10 displayed as an incoming call on the mobile phone 30 to the item displayed on the display unit 25 via the input unit 24. Here, the user inputs the telephone number “03-3235-2222”. Further, the user performs an operation of selecting a completion button displayed on the display unit 25 via the input unit 24. In accordance with this operation, the control unit 21 transmits data representing the incoming call number (incoming call number data) to the falsification detection device 10 (step S205). The incoming call number data includes the user ID (here, “U0003”) added to the incoming call number input screen data.

  When the telephone number authenticating unit 11b of the falsification detecting apparatus 10 receives the incoming call number data from the client terminal 20 (step S103), the telephone number authenticating unit 11b performs an authentication process using the received incoming call number data (step S111).

  The telephone number authenticating unit 11b includes a record having a user ID and a telephone number included in the incoming call number data that is not registered in the outgoing number authentication data 12f, or is included in the record even if the record is registered. If the outgoing date / time has passed for a certain time (for example, 30 minutes or longer), it is determined that the telephone number is not correct (step S112; NO). In this case, the telephone number authenticating unit 11b transmits authentication error screen data representing an authentication error notification screen (authentication error screen) to the client terminal 20 (step S113). Thereafter, the telephone number authenticating unit 11b returns to step S101 and enters a standby state until another login request is made.

  When receiving the authentication error screen data from the falsification detection device 10, the control unit 21 of the client terminal 20 displays the authentication error screen represented by the screen data on the display unit 25 (step S206). In this case, the control unit 21 of the client terminal 20 displays the bank top page screen (screen before the login process) on the display unit 25. That is, in this case, the client terminal 20 has failed to log in. Therefore, in this case, the Internet banking transfer service cannot be used. In order to use the service, it is necessary to make a login request again (return to step S201).

On the other hand, the telephone number authenticating unit 11b of the falsification detecting apparatus 10 has a record having a user ID and a telephone number included in the incoming number data registered in the outgoing number authentication data 12f and the outgoing number included in the record. If the date and time has not passed for a certain time (for example, 30 minutes or more), it is determined that the telephone number is correct (step S112; YES). Here, a record having the user ID “U0003” and the telephone number “03-3235-2222” included in the received incoming number data is registered in the outgoing number authentication data 12f. In addition, it is assumed that the date and time when the incoming number data is received has not passed for a certain period of time (for example, 30 minutes or more) from the outgoing date and time included in the record. In this case, the telephone number authenticating unit 11b determines that the telephone number is correct, and proceeds to step S114 shown in FIG.
Thus, a series of processes for authenticating the user of the client terminal 20 (the process shown in (1) above) is completed.

  Next, with reference to FIG. 13, the process of supplying the character change table TB to the client terminal 20 that has succeeded in the login authentication shown in (2) above will be described.

  If the telephone number authenticating unit 11b of the tampering detection apparatus 10 determines that the telephone number is correct (step S112 shown in FIG. 12; YES), the applet transmitting unit 11c generates a new record in the transaction data 12g. In addition, the applet transmission unit 11c extracts the user ID (“U0003”) included in the incoming number data received in step S111. Further, the applet transmission unit 11c extracts the mobile phone number (“090-3456-7890”) corresponding to the extracted user ID from the user information data 12c. The applet transmission unit 11c registers the request ID (for example, “T002”) and the mobile phone number “090-3456-7890” in the new record of the transaction data 12g.

  Thereafter, the applet transmission unit 11c transmits, to the client terminal 20, transfer destination input screen data representing a screen (transfer destination input screen) that requests the user to input the transfer destination (step S114). The request ID registered in the new record of the transaction data 12g (here, “T002”) is added to the transfer destination input screen data.

  When receiving the transfer destination input screen data from the falsification detection device 10, the control unit 21 of the client terminal 20 displays the transfer destination input screen represented by the screen data on the display unit 25 (step S207). As shown in FIG. 14, the transfer destination input screen has items for inputting a bank name, branch name, type, account number, payee, and amount. The user performs an operation of inputting necessary information for each item displayed on the display unit 25 via the input unit 24. Specifically, the bank name, branch name, and recipient are entered in katakana, and the account number and amount are entered in numbers. As the account type, either “normal” or “current” is selected. After the user inputs necessary information for all input items, the user performs an operation of selecting a completion button displayed on the display unit 25 (clicking or the like) via the input unit 24. When the user performs an operation of selecting a completion button, the control unit 21 detects that the input of the transfer destination has been completed, along with the request ID (here, “T002”) added to the transfer destination input screen data. Notify the device 10 (send input completion notification). Based on this notification (transmission of input completion notification), the control unit 21 requests the tampering detection apparatus 10 for the transfer destination transmission applet 12b (step S208). In step S <b> 208, the transfer destination data is not transmitted to the falsification detection device 10.

  When the applet transmission unit 11 c of the falsification detection device 10 receives a request for the transfer destination transmission applet 12 b from the client terminal 20, the applet transmission unit 11 c reads the transfer destination transmission applet 12 b from the storage unit 12. The applet transmitting unit 11c transmits the read transfer destination transmitting applet 12b to the requesting client terminal 20 together with the request ID (here, “T002”) added to the input completion notification (step S115).

  The control unit 21 of the client terminal 20 receives the transfer destination transmission applet 12b from the falsification detection device 10 and executes it (step S209). Thereby, the control part 21 functions as the character change table acquisition part 21a, the character change part 21b, the character data transmission part 21c, and the detection result acquisition part 21d.

  As shown in FIG. 15, the character change table acquisition unit 21a pops up the incoming number input screen on the display unit 25 (step S210). In addition, the character change table acquisition unit 21a requests the character change table from the falsification detection device 10 (step S211). The character change table request is transmitted to the falsification detection device 10 together with the request ID (here, “T002”) added to the transfer destination transmission applet 12b.

  When the character change table supply unit 11d of the alteration detection device 10 receives the request for the character change table from the client terminal 20, the character change table supply unit 11d selects one transmission number from the transmission number data 12e, similarly to the above-described step S108 (step S116). . Further, the character change table supply unit 11d selects one character change table TB from the character change table data 12d (step S117). Here, the character change table supply unit 11d selects the character change table TB02 having the telephone number “03-3235-3333” and the table ID “TB02”.

  Further, the character change table supply unit 11d encrypts the selected character change table TB with the selected telephone number (step S118). Then, the character change table supply unit 11d transmits the encrypted character change table TB to the requesting client terminal 20 (step S119). The request ID (“T002” here) received together with the request for the character change table is added to the character change table TB.

  Further, the character change table supply unit 11d registers the selected transmission number and table ID in the record having the request ID received together with the request for the character change table in the transaction data 12g. Here, the character change table supply unit 11d registers the table ID “TB02” and the transmission number “03-3235-3333” in the record having the request ID “T002”.

  Furthermore, the character change table supply unit 11d extracts the mobile phone number from the record having the request ID of the transaction data 12g, uses the extracted mobile phone number as the destination, and the phone number selected in step S116 as the sender. A telephone call is made (step S120). Here, the character change table supply unit 11d performs a telephone call with the mobile phone number “090-3456-7890” as the destination and “03-3235-3333” as the source. Note that this processing is intended to notify the mobile phone 30 of the telephone number of the falsification detection device 10, and therefore, after a time of about one call has elapsed, the outgoing call is terminated (that is, one-off is performed). .

  When there is an incoming call from the falsification detection device 10 to the user's mobile phone 30, the control unit 31 of the mobile phone 30 displays the received phone number on the display unit 35 (step S302). Here, the mobile phone 30 displays the telephone number “03-3235-3333” on the display unit 35.

The character change table acquisition unit 21a of the client terminal 20 receives the encrypted character change table TB from the falsification detection device 10 and temporarily stores it (step S212). The user performs an operation of inputting the telephone number of the falsification detection device 10 displayed as an incoming call on the mobile phone 30 in the input item of the incoming call number input screen shown in FIG. Here, the user inputs the telephone number “03-3235-3333”. In addition, the user performs an operation of selecting an OK button displayed on the incoming number input screen via the input unit 24. The character change table acquisition unit 21a decrypts the encrypted character change table TB with the telephone number (the incoming-displayed telephone number) input in accordance with the user's operation (step S213). Thereafter, the character change table acquisition unit 21a temporarily stores the decrypted character change table TB. As a result, the character change table TB can be used in the client terminal 20.
Thus, a series of processes (the process shown in (2) above) for supplying the character change table TB to the client terminal 20 that has succeeded in the login authentication is completed.

  Next, with reference to FIG. 16 and FIG. 18, processing for detecting the presence / absence of falsification of transfer destination data by the falsification detection device 10 shown in (3) above will be described.

  The character change part 21b of the client terminal 20 changes the character of the bank name set as a detection object among the transfer destinations input into the transfer destination input screen with the decoded character change table TB (step S214). . For example, as shown in FIG. 14, when “IVISI” is input to the input item of the bank name displayed on the transfer destination input screen, the character changing unit 21 b displays the character “IVISI” as the detection target. The corresponding character “C @ 3 #” is changed according to the character change table TB02 shown in FIG.

  The character data transmission unit 21c detects the object after the character is changed by the character change unit 21b (here, the bank name “C @ 3 #”) and other transfer destinations (branch name, type, account number, recipient) , Money amount, etc.) is generated. Note that the transfer destination data includes a request ID (here, “T002”) added to the character change table TB. The character data transmission unit 21c transmits the generated transfer destination data to the falsification detection device 10 (step S215).

  When receiving the transfer destination data from the client terminal 20 (step S121), the character data receiving unit 11e of the tampering detection apparatus 10 extracts character data representing a detection target from the received transfer destination data. Here, the character data receiving unit 11e extracts character data representing a bank name.

  The character change determining unit 11f determines whether or not the detection target character represented by the character data extracted by the character data receiving unit 11e has been changed to a preset character (step S122).

  Specifically, the character change determination unit 11f extracts the table ID (here, “TB02”) from the record having the request ID (here, “T002”) included in the transfer destination data in the transaction data 12g. To do. The character change determination unit 11f extracts the character change table TB (here, the character change table TB02 shown in FIG. 5) corresponding to the extracted table ID (“TB02”) from the character change table data 12d. Then, the character change determination unit 11f determines whether or not the character to be detected has been changed to a preset character. The character change determination unit 11f performs this determination based on whether or not the character to be detected is in (belongs to) the changed character represented by the character change table TB. Here, the character to be detected is “C @ 3 #”, and each character belongs to a changed character. In this case, the character change determining unit 11f determines that the character to be detected has been changed to a preset character (step S122; YES). In this case, the falsification detection unit 11g detects that the transfer destination data (character data) has not been falsified.

  On the other hand, if at least one of the detection target characters does not belong to the changed character represented by the character change table TB, the character change determination unit 11f has not changed the detection target character to a preset character. (Step S122; NO). In this case, the falsification detection unit 11g detects that the transfer destination data (character data) has been falsified, and transmits warning screen data representing a screen (warning screen) to notify that to the client terminal 20. (Step S123). Thereafter, the falsification detection unit 11g forcibly releases the log-in state of the client terminal 20 (logs out). Further, the falsification detection unit 11g deletes the record having the request ID included in the transfer destination data from the transaction data 12g. Thereafter, the falsification detection unit 11g returns to step S101 and enters a standby state until another login request is received.

  When receiving the warning screen data from the falsification detection device 10, the detection result acquisition unit 21 d of the client terminal 20 displays the fact that the falsification has been made on the display unit 25 (step S 216). Further, the detection result acquisition unit 21d of the client terminal 20 displays a bank top page screen (screen before the login process) on the display unit 25. In this case, the transfer destination data (bank name, branch name, account number, etc.) is likely to be falsified by Man in the Browser or Man in the Middle. It is necessary to take measures such as updating the 20 security software to the latest state. Further, since the client terminal 20 logs out after receiving the warning screen data, the user needs to make a login request again in order to use the Internet banking transfer service (return to step S201). ).

  On the other hand, as shown in FIG. 18, after the falsification detection unit 11g of the falsification detection device 10 detects that the transfer destination data (character data) has not been falsified, whether or not there is an error in the input of the transfer destination. Is determined (step S124).

  Specifically, the falsification detection unit 11g returns the character to be detected represented by the character data extracted by the character data reception unit 11e to the character before the change by the character change table TB used for falsification detection. Here, the alteration detection unit 11g returns the character “C @ 3 #” to be detected to the character “IVISI” before the change by using the character change table TB02. The falsification detection unit 11g actually has a transfer destination composed of a detection target (bank name) returned to the character before the change and other transfer destinations (branch name, type, account number, payee, amount, etc.) Whether or not there is an error in the input of the transfer destination is determined on the basis of whether or not to do so. When the bank name represents the bank, the falsification detection unit 11g determines whether or not the user information data 12c has a record that matches the type and account number included in the transfer destination. Further, when the bank name represents another bank, the falsification detection unit 11g inquires of the other bank server 60 about the type and account number included in the transfer destination via the dedicated network communication unit 15.

  When it is determined that there is an error in the transfer destination input (step S124; YES), the falsification detection unit 11g determines whether the input has reached a certain number of times (for example, three times) (step S125). If the falsification detection unit 11g determines that the predetermined number of times has not been reached (step S125; NO), it transmits the transfer destination input screen data to the client terminal 20 and requests re-input of the transfer destination (step S126). . In this case, only the input items (type, account number, etc.) with errors may be set as defaults.

  When receiving the transfer destination input screen data from the falsification detection device 10, the detection result acquisition unit 21d of the client terminal 20 displays the transfer destination input screen represented by the screen data on the display unit 25 (step S217). Similar to step S207, the user inputs necessary information for each item displayed on the display unit 25 via the input unit 24, and performs an operation of selecting a completion button displayed on the display unit 25. When the user performs an operation of selecting the completion button, the detection result acquisition unit 21d generates transfer destination data representing the input transfer destination, and transmits this to the falsification detection device 10 (step S218). Here, since it has been detected that the transfer destination data (character data) has not been tampered with, it is assumed that the process of changing the detection target character is not performed. Further, the detection result acquisition unit 21d determines whether the falsification detection device 10 determines that there is no error in the input of the transfer destination or until the number of times that it is determined that there is an error in the input reaches a certain number of times. (Step S124; NO / Step S125; YES).

  When the tampering detection unit 11g of the tampering detection apparatus 10 determines that the number of times it is determined that there is an error in the input has reached a certain number (step S125; YES), a screen for notifying that the transfer destination is unknown (step S125). Transfer destination unknown notification data representing the transfer destination unknown screen is transmitted to the client terminal 20 (step S127). Thereafter, the falsification detection unit 11g forcibly releases the log-in state of the client terminal 20 (logs out). Further, the falsification detection unit 11g deletes the record having the request ID included in the transfer destination data from the transaction data 12g. Thereafter, the falsification detection unit 11g returns to step S101 and enters a standby state until another login request is received.

  When receiving the transfer destination unknown notification data from the falsification detection device 10, the detection result acquisition unit 21d of the client terminal 20 displays a transfer destination unknown screen on the display unit 25 (step S219). Further, the detection result acquisition unit 21d of the client terminal 20 displays a bank top page screen (screen before the login process) on the display unit 25. In this case, since the input transfer destination is incorrect, the user needs to confirm the correct transfer destination. Further, since the client terminal 20 logs out after receiving the transfer destination unknown notification data, the user needs to make a login request again in order to use the Internet banking transfer service (step S201). Back to).

  On the other hand, when the falsification detection unit 11g of the falsification detection device 10 determines that there is no error in the input of the transfer destination (step S124; NO), that is, when the input transfer destination actually exists, the transfer processing is executed ( Step S128). In this case, the falsification detection unit 11g registers the transfer destination represented by the transfer destination data in the record having the request ID included in the transfer destination data in the transaction data 12g. Here, the falsification detection unit 11g adds a bank name “Ibishi”, a branch name “Jinboucho”, a type “ordinary”, an account number “45567890”, a recipient “Jitsu Jiro” to a record having the request ID “T002”. The amount “50,000 yen” is registered. Further, the falsification detection unit 11g extracts the mobile phone number included in the record having the request ID included in the transfer destination data from the transaction data 12g. Here, the falsification detection unit 11g extracts the mobile phone number “090-3456-7890” included in the record having the request ID “T002”. The falsification detection unit 11g extracts the name (requester) and the account information (account information of the requester) included in the record having the extracted mobile phone number from the user information data 12c. Here, the falsification detection unit 11g extracts the names “Tokyo Ichiro” and “Normal 0000-123-3456789” included in the record having the mobile phone number “090-3456-7890”. Then, the falsification detection unit 11g transfers the specified amount (here, “50,000 yen”) from the client (here, “Tokichi Ichiro”) account to the recipient (here, “Jitsugyo Giraud”). Perform the transfer process.

  After the transfer process, the falsification detection unit 11g transmits transaction completion notification data representing a screen (transaction completion screen) for notifying that the transaction has been completed to the client terminal 20 (step S129). Thereafter, the falsification detection unit 11g forcibly releases the log-in state of the client terminal 20 (logs out). Thereafter, the falsification detection unit 11g returns to step S101 and enters a standby state until another login request is received.

When receiving the transaction completion notification data from the falsification detection device 10, the detection result acquisition unit 21d of the client terminal 20 displays a transaction completion screen on the display unit 25 as shown in FIG. 19 (step S220). Thereby, the user can confirm that the transfer has been completed normally.
Further, the detection result acquisition unit 21d of the client terminal 20 displays a bank top page screen (screen before the login process) on the display unit 25. Further, since the client terminal 20 logs out after receiving the transaction completion notification data, the user needs to make a login request again in order to use the Internet banking transfer service (in step S201). Return).
As described above, a series of processing (the processing shown in (3) above) for detecting whether or not the transfer destination data is falsified by the falsification detection device 10 is completed.

  As described above, the falsification detection device 10 is changed to a preset character depending on whether or not the character to be detected represented by the character data in the transfer destination data belongs to the changed character in the character change table TB. It is determined whether or not. When the falsification detection device 10 determines that the transfer destination data has been changed to a set character, the falsification detection device 10 detects that the transfer destination data has not been falsified, and determines that the transfer has not been changed to the set character. Detect that the destination data has been tampered with. Thus, according to the present embodiment, it is possible to easily detect data tampering and to provide a safer network service.

  In the above embodiment, an example in which a bank name is set as a detection target has been described. However, a branch name or an account number may be set as a detection target. The branch name is usually entered in katakana. Therefore, when the branch name is set as a detection target, the changed characters included in the character change table TB are composed of characters other than katakana (characters other than the type of input character) such as letters, numbers and symbols. The The account number is entered as a number. Therefore, when the account number is set as a detection target, the change characters included in the character change table TB are characters other than numbers (characters other than the type of input character) such as katakana, English characters, symbols, and kanji characters. Composed. Note that the input characters included in the character change table TB are not necessarily one type, and may be a plurality of types. For example, the bank name may be entered in katakana or English characters. In such a case, the input characters included in the character change table TB have katakana and English characters and a character code for identifying the characters. Further, the change characters included in the character change table TB do not necessarily have to be plural types, and are composed of one type of character (for example, only a symbol) other than the type of input character and a character code for identifying the character. Also good.

  Furthermore, a plurality of detection targets may be set, such as a combination of a bank name and a branch name, or a combination of a bank name, a branch name, and an account number. Further, the number of detection targets may be fixed or variable. When the number of detection targets is variable, it is set by the falsification detection device 10 for each communication performed between the falsification detection device 10 and the client terminal 20.

  In addition, the number of characters and the character position can be set as appropriate for the detection target. For example, the detection target may be set as “a bank name having two characters from the top”. In this case, the client terminal 20 changes the first two characters “A” in the bank name “IVISI” input according to the user's operation to “C @” using the character change table TB. Note that the number of characters and the character position to be set may be fixed or variable. In addition, when making the number of characters or a character position variable, it sets by the alteration detection apparatus 10 for every communication performed between the alteration detection apparatus 10 and the client terminal 20. FIG.

  Further, the tampering detection apparatus 10 may hash-convert the telephone number transmitted to the mobile phone 30 and encrypt the character change table TB using the telephone number after the hash conversion. Specifically, the character change table supply unit 11d of the tampering detection apparatus 10 performs hash conversion on one telephone number selected from the transmission number data 12e, and encrypts the character change table TB with the telephone number after hash conversion. In this case, the character change table acquisition unit 21a of the client terminal 20 performs the hash conversion on the telephone number of the falsification detection device 10 that is received and displayed on the mobile phone 30, and the character change table encrypted by the telephone number after the hash conversion. Decode TB. In this case, the client terminal 20 is required to use a common hash function with the falsification detection device 10.

  The client terminal 20 may encrypt the transfer destination data and transmit the encrypted transfer destination data to the tampering detection apparatus 10. Specifically, the character data transmission unit 21c of the client terminal 20 encrypts the transfer destination data based on the telephone number of the falsification detection device 10 displayed on the mobile phone 30 and detects the falsification of the encrypted transfer destination data. Transmit to device 10. In this case, the character data reception unit 11e of the falsification detection device 10 receives the encrypted transfer destination data received from the client terminal 20 as the transfer destination data out of the telephone number (transaction data 12g of the transaction data 12g). Decoding based on the transmission number of the record having the added request ID. Thereby, the security of transfer destination data can be improved more.

  Further, in the transmission number data 12e stored in the falsification detection device 10, each transmission number may have a plurality of subaddresses. As a result, the number of transmission numbers can be substantially increased by the number of subaddresses, and even when the number of transmission numbers held by the falsification detection device 10 is small, the security of authentication by the transmission number can be improved. .

  Further, the tampering detection apparatus 10 first receives character data representing a detection target, and determines whether or not the detection target character represented by the received character data has been changed to a preset character. Also good. In this case, the falsification detection device 10 may receive the transfer destination data from the client terminal 20 when it is determined that the character has been changed to a preset character.

  The client terminal 20 transmits character data representing the input information to the falsification detection device 10 every time corresponding information is input to the item displayed on the transfer destination input screen, and the transfer destination input screen is displayed. For each displayed item, the falsification detection apparatus 10 may be made to sequentially determine whether or not the character data has been falsified. In this case, the tampering detection apparatus 10 detects whether or not the received character data has been tampered with each time it receives character data corresponding to the item displayed on the transfer destination input screen.

  In the above embodiment, the character change table supply unit 11d of the falsification detection device 10 encrypts the character change table TB and supplies the encrypted character change table TB to the client terminal 20, but the character change table TB is The character change table TB may be supplied to the client terminal 20 without being encrypted.

  Further, in the above embodiment, the transfer destination transmission applet 12b is transmitted from the falsification detection device 10 to the client terminal 20 when requested by the client terminal 20 at the timing when the input of the transfer destination is completed in the client terminal 20. . However, the transfer destination transmission applet 12b may be stored in the client terminal 20 before using the Internet banking transfer service (that is, before login).

  Further, the transfer destination transmission applet 12b may not be supplied to the client terminal 20 via the Internet 40. For example, a portable memory storing the transfer destination transmission applet may be provided to the user by a bank counter or by mail. In this case, the control unit 21 of the client terminal 20 reads and executes the transfer destination transmission applet from the portable memory, thereby executing a character change table acquisition unit 21a, a character change unit 21b, a character data transmission unit 21c, and a detection result acquisition unit 21d. Function as.

  Further, the character change table TB may not be supplied to the client terminal 20 via the Internet 40. For example, a portable memory storing the character change table TB or a paper medium on which the character change table TB is printed may be provided to the user by a bank window or mail. In this case, the falsification detection device 10 uses the change character corresponding to the character to be detected (for example, “C @ 3 #” corresponding to the bank name “ibishi”) input by the user referring to the character change table TB. Receive character data to represent. Then, the falsification detection device 10 determines whether or not the character represented by the received character data has been changed to a preset character, and detects whether or not the character data has been falsified according to the determination result. May be.

  In addition, in the above embodiment, the user has described an example in which the client terminal 20 and the mobile phone 30 are used. However, when the client terminal 20 can be connected to both the Internet 40 and the telephone network 50, one user terminal is used. The client terminal 20 can also use the falsification detection system 1 (perform processing with the falsification detection apparatus 10).

  In the above description, the falsification detection device has been described as being used for a transfer service in Internet banking. However, the tamper detection device may be implemented in other modes. For example, the tampering detection device may detect the presence or absence of tampering with respect to data of a foreign language document in which the type of characters input by the user is specified, such as only English letters or only Kanji characters.

  The tampering detection apparatus 10 according to the present embodiment may be realized by a dedicated system or an ordinary computer system. For example, the falsification detection device 10 is configured by storing and distributing a program for executing the above-described operation on a computer-readable recording medium, installing the program in a computer, and executing the above-described processing. Also good. Further, the program may be stored in a disk device provided in a server device on a network such as the Internet so that it can be downloaded to a computer. Further, the above functions may be realized by cooperation between the OS and application software. In this case, a part other than the OS may be stored and distributed in a medium, or a part other than the OS may be stored in a server device and downloaded to a computer.

  Various embodiments and modifications can be made to the present invention without departing from the broad spirit and scope of the present invention. Further, the above-described embodiment is for explaining the present invention, and does not limit the scope of the present invention. In other words, the scope of the present invention is shown not by the embodiments but by the claims. Various modifications within the scope of the claims and within the scope of the equivalent invention are considered to be within the scope of the present invention.

  The present invention can be used to detect alteration of character data in which the type of input character is designated.

  DESCRIPTION OF SYMBOLS 1 ... Falsification detection system, 10 ... Falsification detection apparatus, 11 ... Control part, 11a ... User information authentication part, 11b ... Telephone number authentication part, 11c ... Applet transmission part, 11d ... Character change table transmission part, 11e ... Character data reception 11f ... Character change determination unit, 11g ... Falsification detection unit, 12 ... Storage unit, 12a ... Control program, 12b ... Bank transfer transmission applet, 12c ... User information data, 12d ... Character change table data, 12e ... Calling number data , 12f ... Calling number authentication data, 12g ... Transaction data, 13 ... Internet communication unit, 14 ... Telephone network communication unit, 15 ... Dedicated network communication unit, 20, 20a, 20b ... Client terminal, 21 ... Control unit, 21a ... Character Change table acquisition unit, 21b ... Character change unit, 21c ... Character data transmission unit, 21d ... Detection result Acquisition unit, 22 ... storage unit, 23 ... internet communication unit, 24 ... input unit, 25 ... display unit, 30, 30a, 30b ... mobile phone, 31 ... control unit, 32 ... storage unit, 33 ... telephone network communication unit, 34 ... Input unit, 35 ... Display unit, 40 ... Internet, 50 ... Telephone network, 60 ... Other server, 70 ... Dedicated network, TB, TB01, TB02, TB03, TB04 ... Character change table

Claims (11)

Character data receiving means for receiving character data representing a detection target;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. Tamper detection means for detecting that the character data has been tampered with,
A tamper detection device comprising: Character change table storage means for storing a character change table for changing the character to be detected;
In response to a request from the client terminal, the character change table stored in the character change table storage means is supplied to the client terminal, and the client terminal is caused to perform processing for changing the character to be detected by the character change table. A character change table supply means;
The tampering detection apparatus according to claim 1. The character change table supply means selects one telephone number from a list of a plurality of telephone numbers that are prepared in advance, and sets a character change table to be supplied to the client terminal based on the selected telephone number. And the encrypted character change table is supplied to the client terminal, the telephone number selected by the selected telephone number is transmitted to the user's mobile phone using the client terminal, and the telephone number displayed on the mobile phone is displayed. The client terminal to perform a process of decrypting the encrypted character change table based on
The tampering detection apparatus according to claim 2. The character change determining means determines that the character to be detected represented by the character data has been changed to the set character when belonging to the character changed by the character change table, and the character change When it does not belong to the character changed by the table, it is determined that the character has not been changed to the set character.
The tampering detection apparatus according to claim 2 or 3. Causing the computer to function as a character changing unit that changes the character to be detected, and a character data transmitting unit that transmits character data representing the detection target after the character has been changed by the character changing unit to the tampering detection device. Applet storage means for storing applets;
Applet transmission means for transmitting the applet stored in the applet storage means to the client terminal in accordance with a request from the client terminal, and causing the client terminal to execute the applet.
The falsification detection device according to any one of claims 1 to 4. A falsification detection system comprising a client terminal and a falsification detection device that detects the presence or absence of falsification of data transmitted from the client terminal,
The client terminal is
A character changing means for changing a detection target character input in accordance with a user operation;
Character data transmission means for transmitting character data representing a detection target after the character has been changed by the character change means to the falsification detection device,
The tampering detection device includes:
Character data receiving means for receiving the character data from the client terminal;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. A tamper detection means for detecting that the character data has been tampered with,
Tamper detection system. The client terminal is
Further comprising character change table acquisition means for requesting the alteration detection device for a character change table for changing the character to be detected, and acquiring the character change table from the alteration detection device;
The tampering detection device includes:
Character change table storage means for storing the character change table;
In accordance with a request from the client terminal, the character change table stored in the character change table storage means is supplied to the client terminal, and processing for changing the character to be detected by the character change table is performed on the client terminal. And a character change table supply means for
The falsification detection system according to claim 6 characterized by things. The character change table supply means provided in the falsification detection device selects one phone number from a list of a plurality of phone numbers to be prepared in advance and supplies the selected character number to the client terminal. Is encrypted based on the selected telephone number, the encrypted character change table is supplied to the client terminal, and a telephone call is made to the user's mobile phone using the client terminal by the selected telephone number,
The character change table acquisition means provided in the client terminal decrypts the encrypted character change table based on a telephone number displayed as an incoming call on the mobile phone.
The falsification detection system according to claim 7. The tampering detection device includes:
Applet storage means for storing an applet that causes the computer to function as the character change table acquisition means, the character change means, and the character data transmission means;
Applet transmission means for transmitting the applet stored in the applet storage means to the client terminal in accordance with a request from the client terminal;
The client terminal is
Applet receiving means for requesting the applet from the tamper detection device and receiving the applet from the tamper detection device;
Applet executing means for executing the applet received by the applet receiving means;
The character change table acquisition means, the character change means, and the character data transmission means function when the applet is executed by the applet execution means.
The falsification detection system according to claim 7 or 8. A character data receiving step in which the character data receiving unit receives character data representing a detection target; and
A character change determining unit that determines whether or not the character to be detected represented by the character data received by the character data receiving step has been changed to a preset character;
The tampering detection unit detects that the character data has not been tampered with when the character change determining step determines that the character has been changed to the set character, and has changed the character to the set character. A tampering detection step for detecting that the character data has been tampered with when it is determined that
A tamper detection method comprising: Computer
Character data receiving means for receiving character data representing a detection target;
Character change determination means for determining whether or not the character to be detected represented by the character data received by the character data reception means has been changed to a preset character;
When it is determined by the character change determining means that the character has been changed to the set character, it is detected that the character data has not been tampered with, and it has been determined that the character has not been changed to the set character. A tamper detection means for detecting that the character data has been tampered with,
Program to function as.

Images